With PBKDF2/RFC2898/PKCS#5v2, BCrypt, and Scrypt, sufficiently long cryptographically random per-user salts, and iterations in the tens of thousands or sufficiently high work factors we will defeat the lesser foe, weak password storage!

With education, sufficiently large keyspaces, nigh-unlimited maximum lengths, sufficiently long minimum lengths, and rules-based dictionary lookup exclusions, in time we will defeat the even more fearsome enemy of the weak password itself!